(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Yes, Ransomware is Still a Huge Problem | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Ransomware has been a growing plague on businesses for nearly a decade. And data shows it is increasing. New research from Sophos finds 76% of ransomware attacks resulted in the criminals successfully encrypting data. This is the highest rate of data encryption from ransomware since Sophos began its annual State of Ransomware reports in 2020. 

The latest edition of the report debunks the idea that ransomware is holding steady or even declining. In fact, 67% of organizations were hit by ransomware in 2022. This reveals rates of encryption have returned to very high levels after a temporary dip during the pandemic, as crews have refined their methodologies of attack.

“The bottom line is there are so many poorly defended targets there is endless supply,” said Chester Wisniewski, field chief technology officer at Sophos. “Ransomware gangs aren’t doing anything sophisticated. People are just so poorly defended and almost all victims are badly patched.”

Data encryption from ransomware is at the highest level in four years, according to the report. In 30% of cases where data was encrypted, data was also stolen, suggesting this “double dip” method (data encryption and data exfiltration) is becoming commonplace for ransomware gangs.

Paying the ransom? Then expect to pay more overall 

While many organizations panic in an attack and pay the ransom, hoping to avoid too much damage, the study finds that is a bad idea. The research reveals that 46% of respondents who were victims of data encryption in an attack paid the ransom and got data back.  But those victims that paid the ransom to get their data back saw their non-ransom recovery costs double ($750,000 in recovery costs versus $375,000 for organizations that used backups to get data back). Wisniewski said it is important to note that figure does not include the ransom cost, so victims end up paying much more once the dollar amount of the ransom is factored in.

Paying the ransom usually leads to longer recovery times. The report reveals 45% of victims that used backups recovered within a week, compared to just 39% of those that paid the ransom. 

“The increase in cost for many can partly be attributed to the delay in the ability to start recovery,” said Wisniewski.”Some organizations try and negotiate, but that’s just not how it works with criminals and negotiation just delays the process of recovery.”

And even if victims pay the ransom, very few get all of the files back and would be better served working with a managed service provider who can help navigate the process for them. A provider can help lower the time it takes to respond and mitigate damage.

Working with a Managed Detection and Response (MDR) provider is one way to guard against bad outcomes in a ransomware attack. Adopting security tools that specifically target the most common attack vectors is also important. These tools should include endpoint protection with anti-exploit capabilities. Integrating Zero Trust Network Access (ZTNA) helps prevent the misuse of compromised credentials.

Another important point: prioritize regular backups of data. It is essential to practice data recovery from these backups and ensure they are up to date. And maintain good security hygiene, including regular patching of systems and applications to address vulnerabilities promptly.

Learn how Sophos endpoint and MDR can secure your organization against ransomware attacks at Sophos.com.


Click Here For The Original Source.

National Cyber Security